I have a WWW server; my problem is that the content is sensitive and should not be accessible to people without proper credentials.

How can I improve the ease of use but still maintain security in the following scenario:

The server is accessed through a "jumper host", i.e. the client connects to the jumper using a VPN connection and uses Remote Desktop to access the jumper.
From the jumper he uses Remote Desktop again to access the server.
Finally, on the server the user can access the content using a WWW browser.

Every step, all the way from the VPN client to the WWW browser, requires authentication using a SmartCard token.

This seems quite secure to me.
Content only gets mirrored over Remote Desktop between the server and the jumper, so there are no cached files to worry about. The connection between the jumper and the client is protected using a VPN (SSL), so no eavesdropping.

But it is quite cumbersome for the clients, with many steps and connections to open. :(

So, how can I improve the user experience accessing my server without compromising security?

2 Answers

Issues with the above:
1) The jumper host, aka bastion host, is effectively serving as a VPN concentrator.
2) It isn't clear if you are only using the smartcard for authentication.
3) This is complex and difficult for users.
4) The extra work you are having users perform may not be measurably increasing security.
5) You have not mentioned anything about the configuration of the network in general: firewalls, IDS, operating system types, etc.

Recommendations:
1) Replace the bastion host with a VPN concentrator having a stripped-down OS.
2) Use more than one authenticator.
3) Lock down the above, including restricting the accessible hosts, and make the server accessible only to the concentrator.
4) Layered VPNs are preferable to VPN + RDP. IPsec > SSL.
5) Secure the web server to restrict access.
6) You could attempt to automate a portion of this by making the VPN persistent, or by launching a script which initiates the connection but does not authenticate.
7) You need to consider the security of the smartcard and the underlying infrastructure, which was absent from your description. There is a lot more to a secure PKI than just using a smart card authenticator!
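Recommendations 2, 3 and 5 above (a second authenticator, the server reachable only from the concentrator, and the web server itself restricting access) can be expressed in one web-server configuration. The following nginx server block is an added example and not part of the answer above; the address pool 10.20.0.0/24, the host name, the certificate paths, the htpasswd file and the backend port are all assumed for illustration.

```nginx
# Added example (not from the original answer). Assumed values: the
# concentrator's client pool 10.20.0.0/24, the host name, the PKI file
# paths, the htpasswd file and the backend on 127.0.0.1:8080.
server {
    listen 443 ssl;
    server_name intranet.example.internal;

    ssl_certificate     /etc/nginx/tls/server.crt;
    ssl_certificate_key /etc/nginx/tls/server.key;
    ssl_protocols       TLSv1.2 TLSv1.3;

    # Authenticator 1: mutual TLS. The browser must present a certificate
    # from the smart card, chaining to the PKI's CA bundle and absent from
    # the CRL. Requests without a valid client certificate are rejected
    # during the handshake, before any location block is evaluated.
    ssl_client_certificate /etc/nginx/tls/smartcard-ca-bundle.pem;
    ssl_crl                /etc/nginx/tls/smartcard-ca.crl;
    ssl_verify_client      on;
    ssl_verify_depth       2;   # leaf -> issuing CA -> root

    # Network lockdown: accept connections only from the VPN concentrator's
    # client pool. Mirror this on the host firewall; nginx is the second
    # line, not the only one.
    allow 10.20.0.0/24;
    deny  all;

    location / {
        # Authenticator 2: a password, so a stolen/unlocked card alone
        # is not enough (one way to act on "use more than one authenticator").
        auth_basic           "Restricted content";
        auth_basic_user_file /etc/nginx/htpasswd;

        # Pass the verified certificate subject to the application so it
        # can authorise and log which card holder fetched what.
        proxy_pass         http://127.0.0.1:8080;
        proxy_set_header   X-Client-DN     $ssl_client_s_dn;
        proxy_set_header   X-Client-Verify $ssl_client_verify;
    }
}
```

Two caveats a practitioner should keep in mind. The `allow`/`deny` rule works on the source address of the TCP connection, so if the concentrator NATs its clients behind one address every user looks the same to nginx; it constrains where connections may come from, while identity comes from the certificate. And nginx loads the file named in `ssl_crl` at startup or reload, so a revoked card is only refused after the CRL on disk has been refreshed and nginx reloaded.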

There are a ton of variables here, so I can only send you some general practices that might make it easier. But it is hard to really ensure the security of your end website without having a fully secure chain from the end user to the server. Having a user access the website, even via a VPN which is protected with a SmartCard, will still open some loopholes that will allow an external party to view content on the remote security website.

For example, imagine that the end user is sitting on a PC with spyware installed that has the capability to take screenshots. All of the "security" you have enacted is bypassed by this simple program.

However, this doesn't answer your question. The only thing I can think of that might make this easier for your end users is to use web-based access to your remote desktop server. You can do this through a ready-made service such as LogMeIn or GoToMyPC. There may also be some customized Citrix installation that will allow clients access to the remote PC without going through the rigmarole of installing a VPN client and using the remote desktop client.